Setting up Passwordless phone sign-in with Azure AD

Now we can finally sign in passwordless from our phone to Azure Active Directory! This means that when we try to authenticate to Microsoft Azure we get this, where we just need to push the same number on our authenicator app on our phone.

Now in order to set this up, we just need to add an Azure AD policy to our tenant. First we just install the PowerShell cmdlets, the add the policy.

You can see that it is active by running the command Get-AzureADPolicyOnce you are done on running the script, you just need to make a small change on the authentication app on your phone. Open the account and choose “Enable phone sign-in” this will require that your user account

NOTE: Setting up this feature, will not affect other MFA setup that you might have. For instance if you have a NPS server configured with Azure AD and that is using some other form of authentication such as MFA push notification it will still continue to do that.